---
apiVersion: v1
kind: ConfigMap
metadata:
  name: bodhi-configmap
  labels:
    app: bodhi
data:
  krb5.conf: |-
    [logging]
     default = FILE:/var/log/krb5libs.log
     kdc = FILE:/var/log/krb5kdc.log
     admin_server = FILE:/var/log/kadmind.log
    [libdefaults]
     default_realm = {{ ipa_realm }}
     rdns = false
     dns_canonicalize_hostname = false
     dns_lookup_realm = false
     dns_lookup_kdc = false
     ticket_lifetime = 24h
     renew_lifetime = 7d
     forwardable = true
    [realms]
     {{ ipa_realm }} = {
      kdc = https://id{{ env_suffix }}.fedoraproject.org/KdcProxy
     }
    [domain_realm]
     .fedoraproject.org = FEDORAPROJECT.ORG
     fedoraproject.org = FEDORAPROJECT.ORG
    {% if env == "staging" %}
     .stg.phx2.fedoraproject.org = STG.FEDORAPROJECT.ORG
    {% endif %}
     .stg.fedoraproject.org = STG.FEDORAPROJECT.ORG
     stg.fedoraproject.org = STG.FEDORAPROJECT.ORG
  start.sh: |-
    mkdir /httpdir/run
    ln -s /etc/httpd/modules /httpdir/modules
    truncate --size=0 /httpdir/accesslog /httpdir/errorlog
    tail -qf /httpdir/accesslog /httpdir/errorlog &
    exec httpd -f /etc/bodhi/httpd.conf -DFOREGROUND -DNO_DETACH
  httpd.conf: |-
    Listen 0.0.0.0:8080
    ServerRoot "/httpdir"
    PidFile "/httpdir/httpd.pid"
    LoadModule authn_file_module modules/mod_authn_file.so
    LoadModule authn_anon_module modules/mod_authn_anon.so
    LoadModule authz_user_module modules/mod_authz_user.so
    LoadModule authz_host_module modules/mod_authz_host.so
    LoadModule include_module modules/mod_include.so
    LoadModule log_config_module modules/mod_log_config.so
    LoadModule env_module modules/mod_env.so
    LoadModule ext_filter_module modules/mod_ext_filter.so
    LoadModule expires_module modules/mod_expires.so
    LoadModule headers_module modules/mod_headers.so
    LoadModule mime_module modules/mod_mime.so
    LoadModule status_module modules/mod_status.so
    LoadModule negotiation_module modules/mod_negotiation.so
    LoadModule dir_module modules/mod_dir.so
    LoadModule alias_module modules/mod_alias.so
    LoadModule rewrite_module modules/mod_rewrite.so
    LoadModule version_module modules/mod_version.so
    LoadModule wsgi_module modules/mod_wsgi.so
    LoadModule authn_core_module modules/mod_authn_core.so
    LoadModule authz_core_module modules/mod_authz_core.so
    LoadModule unixd_module modules/mod_unixd.so
    LoadModule mpm_event_module modules/mod_mpm_event.so
    StartServers  20
    ServerLimit   100
    MaxRequestsPerChild 2000
    MaxRequestWorkers 100
    <Directory "/usr/share/doc/bodhi-docs/html/">
        AllowOverride None
        Require all granted
    </Directory>
    <Directory "/usr/lib/python2.7/site-packages/bodhi/server/static/">
        AllowOverride None
        Require all granted
    </Directory>
    <Location />
        Require all granted
    </Location>
    <Location /docs/>
        Header set Cache-Control public
        ExpiresDefault "access plus 1 month"
        Header unset ETag
    </Location>
    <Location /static/>
        Header set Cache-Control public
        ExpiresDefault "access plus 1 month"
        Header unset ETag
    </Location>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    CustomLog /httpdir/accesslog combined
    ErrorLog /httpdir/errorlog
    LogLevel info
    TypesConfig /etc/mime.types
    AddDefaultCharset UTF-8
    CoreDumpDirectory /tmp
    Alias /docs /usr/share/doc/bodhi-docs/html/
    Alias /static /usr/lib/python2.7/site-packages/bodhi/server/static/
    WSGIDaemonProcess bodhi display-name=bodhi processes=2 threads=2 maximum-requests=1000 home=/httpdir
    WSGIApplicationGroup %{GLOBAL}
    WSGISocketPrefix run/wsgi
    WSGIRestrictStdout Off
    WSGIRestrictSignal Off
    WSGIPythonOptimize 1
    WSGIScriptAlias / /usr/share/bodhi/bodhi.wsgi
  production.ini: |-
    {%- macro production_ini() %}    {% include "production.ini.j2" %}{%- endmacro -%}
    {{ production_ini() | indent() }}
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: fedmsg-configmap
  labels:
    app: bodhi
data:
  bodhi-openshift-web.py: |-
    import socket
    hostname = socket.gethostname().split('.', 1)[0]
    config = {
        'sign_messages': True,
        'active': True,
        'cert_prefix': 'bodhi',
        'certnames': {'bodhi.{}'.format(socket.gethostname()): 'bodhi'},
        'relay_inbound': ['tcp://busgateway01{{ env_suffix }}.phx2.fedoraproject.org:9941'],
        'bodhi.%s' % hostname: ['tcp://busgateway01{{ env_suffix }}.phx2.fedoraproject.org:9941'],
{% if env == 'staging' %}
        'environment': 'stg',
        # stg should listen to the stg bus
        'endpoints': {
            'staging_gateway': ['tcp://stg.fedoraproject.org:9940']
        }
{% else %}
        'environment': 'prod',
{% endif %}
    }
